HackDig : Dig high-quality web security articles for hacker

Otherwise known as the measuring stick by which your GDPR compliance will be assessed, the six core principles of the GDPR are the basic foundations upon which the regulation was constructed. Unquestionable and pure in nature, they are rarely acknowledged for one simple reason: five of the six have no real application in helping you in peddling products and s

The annual RSA Conference is a lot of things to a lot of people (43,000 this year!). For me, it’s become an annual opportunity to step out of the stream and to look back at what has happened in the last year and peer forward at what’s to come. This year, I think we have reached an inflection point around the way we as a profession treat the “human element,” a

Large hacks and cyber-attacks aimed at exploiting information, affecting everyone from major company databases to politicians’ email accounts, have now become a common occurrence in our ever-connected world. This hacked information – and the act of accessing it – has rapidly become a sought-after product and service on dark web marketplaces. Coupled with the

New media, it would appear, now outpaces the old. More data is consumed and processed than at any time before in human history. But as we hasten into a world where the immediate is often favoured over the verified, the attention-grabbing over the considered, and the assumed over the researched in terms of how we both receive and disseminate information, we o

The current diagnosis for healthcare cyber security is frightening. Here’s our current assessment: One in three healthcare records were compromised in 2015 (IBM 2016). Healthcare is the number one industry when it comes to its records being breached (IBM 2016). Ransomware is on the rise, with 88 percent of attacks occurring in healthcare (Solutionary 2016)

Confidentiality, Integrity and Availability – those are the three pillars of the CIA triad model for information security. Here’s something you might not have known: in reverse order, those same pillars apply to IT Operations. Think about it. In a world of agility and enablement, the availability, integrity and confidentiality of the systems and process

Hutton Hotel became the latest hospitality company to warn customers of a data breach that may have compromised their payment card details. The Nashville, Tenn.-based upscale hotel announced the security incident on Friday, stating it was notified of the potential breach by its payment processor. Subsequently, the company said it began an investigation, engagi

The challenges facing security professionals certainly aren’t getting any easier – nor are they likely to do so anytime soon. Not only are the skills and knowledge that we need to operate evolving at an ever-relentless pace but also rapidly diversifying far beyond the familiar technical and governance areas we have been used to. When it seems that even the qu

When we look at online social media, it has been adopted in one flavour or another by nearly all of us. The way we project our persona online has slowly replaced the media of yesteryear. Expression is nothing new; throughout history, people have displayed their wealth, status, literary prowess and wit in the hope of being desired, feared, pondered and admire

We have repeatedly countered the arguments that people don’t have anything to hide, and can comfortably ignore the privacy threats on the Internet. That’s a very unwise attitude and here are some more examples why.
We have also talked a lot about on-line scams and how to avoid them. A key challenge for any scammer is to be trustworthy in the eyes of the victim

If you like sailing and tall ships, I can recommend this podcast about Pam Bitterman’s book Sailing to the far horizon. It’s a great story about the last years of the community-operated ship Sofia, covering both a lot of happy sailing and the ship’s sad end in the early eighties. But this is not about hippies on a ship, it’s about how we record and remember

The application is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exists due to the improper permissions, with the ‘F’ flag (full) for the ‘Everyone’ and ‘Users’ group, for the ‘RichClient.exe